An Xdbg Plugin of the ERC Library.

A curated list of Awesome Threat Intelligence resources

Converts PE into a shellcode

Obfuscate specific windows apis with different apis

Windows kernel and user mode emulation.

A protective and Low Level Shellcode Loader that defeats modern EDR systems.

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments…

Enumerate and disable common sources of telemetry used by AV/EDR.

List of Awesome CobaltStrike Resources

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Situational Awareness commands implemented using Beacon Object Files

Example code for using named pipe output with beacon ReflectiveDLLs

Keylogger driver for Windows

Library to load a DLL from memory.

some pocs for antivirus evasion

A tool to create obfuscated HTA script.

Covenant is a collaborative .NET C2 framework for red teamers.

Red Teaming & Pentesting checklists for various engagements

Binaries, PowerShell scripts and information about Digital Signature Hijacking.

Malware Configuration And Payload Extraction

ReaCOM has got a lot of tools to use and is related to component object model

SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by…

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

Lateral Movement technique using DCOM and HTA

AntiVirus Evasion Tool

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams

List of Awesome Red Teaming Resources